
Is there a way that we can search data in Devo using the API?


You can use our REST API collector to do this.

Your Collect URL depends on your Devo domain region, which you can find here:
https://docs.devo.com/space/latest/95128275/Query+API

The Collect method will be POST with a body. An example body:

{
  "from": "${earliest || ((Date.now() / 1000) - 300 | 0)}",
  "to": "${latest || ((Date.now() / 1000) | 0)}",
  "query": "from x.x.x.x select *"
}

You will of course need to update your query.

This will pass in an earliest/latest time when one is provided, either during scheduled or ad-hoc runs:

Scheduling and Running | Cribl Docs: Schedule a Collector to run on a recurring interval

However, if you do not, it defaults to "-5m@m to Now".

Please note that Devo's API requires a 10-digit epoch timestamp.
If a 13-digit timestamp is provided, it will fail.

Information regarding Date.now():

Date.now() - JavaScript | MDN: The static Date.now() method returns the number of milliseconds elapsed since the epoch, which is defined as the midnight at the beginning of January 1, 1970, UTC.

You will authenticate with a Bearer token, per Devo's documentation:
https://docs.devo.com/space/latest/95128442/Authorizing+Query+API+requests#OAuth-token

Devo's documentation regarding authentication tokens:
https://docs.devo.com/space/latest/94763821/Authentication+tokens

To get your authentication token, once you've logged in to Devo, navigate to:
Left Side Bar > Administration > Credentials > Tokens > New Token.
Configure the token with the appropriate requirements.

Enable "Disable Time Filter" to ensure we aren't excluding events.
More information can be found here:

REST / API Endpoint | Cribl Docs: Collect and replay data via REST API calls

Your REST Collector will look something like this:
[screenshot of the REST Collector configuration]
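As an added example (not part of the reply above, and not Cribl's or Devo's own code), the following Node.js snippet reproduces what the collector body expression does: it takes a supplied earliest/latest, otherwise falls back to "5 minutes ago" and "now" in whole seconds, and then checks that both bounds are 10-digit epoch-seconds values before attaching the Bearer token, so a 13-digit millisecond value is caught locally instead of failing at Devo. The collect URL and token are placeholders, and the assumption that earliest/latest arrive as epoch seconds is an assumption of this example.

```javascript
// Added example, not from the original post or from Cribl/Devo.
// Assumptions: earliest/latest are epoch seconds when supplied; URL and token are placeholders.

const TEN_DIGIT_SECONDS = /^\d{10}$/;

// Mirror the body expression from the post: a provided earliest/latest wins,
// otherwise fall back to "5 minutes ago" and "now", truncated to whole seconds.
function buildDevoQueryBody(query, { earliest, latest, nowMs = Date.now() } = {}) {
  const from = earliest || (((nowMs / 1000) - 300) | 0);
  const to = latest || ((nowMs / 1000) | 0);
  return { from: String(from), to: String(to), query };
}

// Devo's Query API expects a 10-digit epoch in seconds; a 13-digit millisecond value fails.
function isValidDevoEpoch(value) {
  return TEN_DIGIT_SECONDS.test(String(value));
}

// Reject bad bounds before the request leaves the collector.
function validateBody(body) {
  for (const key of ["from", "to"]) {
    if (!isValidDevoEpoch(body[key])) {
      throw new Error(`${key}=${body[key]} is not a 10-digit epoch-seconds timestamp`);
    }
  }
  if (Number(body.from) > Number(body.to)) {
    throw new Error("from must not be later than to");
  }
  return body;
}

// Assemble the POST the collector would issue. Placeholder URL and token, not real values.
function buildDevoRequest(
  body,
  { collectUrl = "https://PLACEHOLDER-devo-region.example/search/query", token = "PLACEHOLDER_TOKEN" } = {}
) {
  return {
    url: collectUrl,
    method: "POST",
    headers: {
      "Content-Type": "application/json",
      Authorization: `Bearer ${token}`,
    },
    body: JSON.stringify(validateBody(body)),
  };
}

// Stand-alone run: constructed "now" of 2023-11-14T22:13:20Z in milliseconds.
if (typeof require !== "undefined" && require.main === module) {
  const body = buildDevoQueryBody("from my.app.logs select *", { nowMs: 1700000000000 });
  console.log(buildDevoRequest(body));
}

module.exports = { buildDevoQueryBody, isValidDevoEpoch, validateBody, buildDevoRequest };
```

Keeping the validation separate from the request builder means the same check can be applied to whatever earliest/latest the schedule hands in, which is where a millisecond value would otherwise slip through unnoticed.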

